May 25, 2023

Living Off the Land Techniques Evading Detection

May 25, 2023

What we know so far

This joint advisory by US and international cybersecurity authorities highlights the recent discovery of cyber activities associated with Volt Typhoon, a state-sponsored actor originating from the People's Republic of China (PRC). The activities have been found to impact critical infrastructure sectors in the United States, with the potential for global implications. The actor's primary tactic, known as "living off the land," involves utilizing existing network administration tools to evade detection by blending in with normal system activities. The advisory provides examples of the actor's commands and detection signatures to assist network defenders.

Arrow Right

Schedule a test

Subscribe to advisory alerts

Be immediately notified of new advisories and associated security tests

More advisories